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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

• Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- tf the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)(E Responsive to communication(s) filed on 24 May 2001 . 
2a)D This action is FINAL. 2b)S This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-20 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) [E Claim(s) 1-20 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)S The drawing(s) filed on 24 May 2001 is/are: a)^ accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
1 1 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-1 52. 

Priority under 35 U.S.C. § 119 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. Q Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 



Attachment(s) 

1 ) Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-413) 

2) □ Notice of Drafts person's Patent Drawing Review (PTO-948) Paper No(s)/Mail Date. . 

3) [3 Information Disclosure Statement(s) (PTO-1 449 or PTO/SB/08) 5) □ Notice of Informal Patent Application (PTO-1 52) 

Paper No(s)/Mail Date 9/16/2004 . 6) □ Other: . 
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This action is in response to the communication filed on 5/24/2001. 
DETAILED ACTION 

1. Claims 1-20 have been examined. 

Title 

2. The title of the invention is acceptable. 

Priority 

3. No claim for priority has been made for this application. 

4. The effective filing date for the subject matter defined in the pending claims in this 
application is 5/24/2001. 

Information Disclosure Statement 

5. The information disclosure statement (EDS) submitted on 9/16/2004 is in compliance 
with the provisions of 37 CFR 1 .97. Accordingly, the examiner is considering the information 
disclosure statement. 

Drawings 

6. The drawings filed on 2/24/2001 are acceptable for examination proceedings. 

Claim Rejections - 35 USC § 112 

7. The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

8. Claims 1-20 are rejected under 35 U.S.C. 1 12, second paragraph, as being indefinite for 
failing to particularly point out and distinctly claim the subject matter which applicant regards as 
the invention. 
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9. Regarding claims 1, 8, and 14, the phrase "such as" renders the claim indefinite because it 
is unclear whether the limitations following the phrase are part of the claimed invention. One of 
ordinary skill in the art would be unable to determine whether the data exchanged over the 
communication path was required to include identification information and digital certification 
information or whether these were merely meant as examples of data that could be exchanged 
over the communication path, and would therefore be unable to determine the scope of the 
claims. Therefore, claims 1, 8, and 14 are rejected for failing to particularly point out and 
distinctly claim the subject matter which the applicants regard as the invention. See MPEP 

§ 2173.05(d). For purposes of searching prior art, the examiner will assume the limitation was 
meant to read "creating a communication path to exchange identification data and digital 
certification data between the two systems". 

10. Claims 2-7, 9-13, and 15-20 are rejecte4d by virtue of their dependency to claims 1, 8, 
and 14. 

Claim Rejections - 35 USC §102 

1 1 . The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign 
country or in public use or on sale in this country, more than one year prior to the date of 
application for patent in the United States. 

12. Claims 1-5, 7-12, 14-18, and 20 are rejected under 35 U.S.C. 102(b) as being anticipated 
by Elgamal et al. (US Patent Number 5,657,390) hereinafter referred to as Elgamal. 
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13. Regarding claim 1, Elgamal disclosed a method of establishing a secure communication 
path between two computer systems (See Elgamal Col. 3 Paragraph 3) comprising: creating a 
communication path to exchange data (See Elgamal Col. 6 Line 57 - Col. 7 Line 12) such as 
identification data and digital certification data between the two systems (See Elgamal Fig. 4 and 
Col. 7 Lines 13-40 and Fig. 5 and Col. 8 Line 45 - Col. 10 Line 23); determining, based on the 
identification data, whether to confirm the digital certification data (See Elgamal Figs. 4-5, Col. 
7 Lines 20-65, Col. 10 Lines 3-23, Col. 20 Lines 25-32, Col. 22 Line 56 - Col. 23 Linel8); and 
creating a secure communication path, without confirming the digital certification data if it is 
determined the digital certification data should not be confirmed (See Elgamal Fig. 5 and 
corresponding text) , or after confirming the digital certification data if it is determined that the 
digital certification data should be confirmed (See Elgamal Fig. 4 and Corresponding text). 

14. Regarding claim 2, Elgamal disclosed that the determining step includes the step of 
consulting an internal table, the internal table including identification data of all computer 
systems whose digital certification need not be confirmed (See Elgamal Col. 8 Lines 45-61 and 
Col. 10 Lines 3-23). 

1 5. Regarding claim 3, Elgamal disclosed he two computer systems include a local and a 
remote computer system, the exchanged data further including one or more authentication 
proposals from the local computer system and a selected authentication proposal from the remote 
system (See Elgamal Col. 5 Paragraph 3 and Col. 10 Lines 3-23). 

16. Regarding claim 4, Elgamal disclosed selecting an access method in response to 
determining to confirm the digital certification data; and invoking the selected access method 
(See Elgamal Col. 7 Lines 13-40). 
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17. Regarding claim 5, Elgamal disclosed selecting a local-remote pair from an endpoints 
table corresponding to the computer systems (See Elgamal Col. 8 Line 45 - Col. 9 Line 3 1); 
selecting a policy from a policy table based on the selected local-remote pair, the policy 
including one or more access methods (See Elgamal Col. 9 Lines 9-14); and transmitting one or 
more security proposals corresponding to the selected policy to the remote computer system (See 
Elgamal Col. 10 Lines 3-6). 

18. Regarding claim 7, Elgamal disclosed digitally signing a message using a private key 
corresponding to one of the computer systems; and sending the signed message to the other 
computer system (See Elgamal Figs. 4 and 5 and Col. 8 Lines 5-20). 

19. Claim 8 is rejected for the same reasons as claim 1 above and further because Elgamal 
disclosed an information handling system comprising: one or more processors; a memory 
accessible by the processors; a nonvolatile storage accessible by the processors; a network 
interface connecting the information handling system to a computer network (See Elgamal Col. 3 
Lines 46-55); and a network security tool to create a secure path between computer systems (See 
the rejection of claim 1 above). 

20. Claims 9-12 are rejected for the same reasons as claims 2-5 above as applied to claim 9 
above. 

21 . Claim 14 is rejected for the same reasons as claim 1 above and further because Elgamal 
disclosed a computer program product for implementing the SSL System (See Elgamal Abstract 
and Claims). 

22. Claims 15-18 are rejected for the same reasons as claims 2-5 above as applied to claim 14 
above. 
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23. Claims 20 is rejected for the same reasons as claim 7 above as applied to claim 14 above. 

Claim Rejections - 35 USC §103 

24. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or 
described as set forth in section 102 of this title, if the differences between the subject 
matter sought to be patented and the prior art are such that the subject matter as a whole 
would have been obvious at the time the invention was made to a person having ordinary 
skill in the art to which said subject matter pertains. Patentability shall not be negatived 
by the manner in which the invention was made. 

25. Claims 6, 13, and 19 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Elgamal as applied to claims 1, 8, and 14 above, and further in view of Schneier (Applied 
Cryptography). 

Elgamal disclosed receiving a remote digital certificate from the other computer system 
(See Elgamal Col. 7 Lines 20-26), but Elgamal failed to disclose verifying the certification 
authority signature on the certificate. However, Elgamal did disclose issuing a "bad certificate" 
error if the signature on the certificate was bad (See Elgamal Col. 20 Lines 25-33). 

Schneier teaches that certification authorities sign certificates, and that in order to verify 
whether a certificate is bad or not, the signature of the certification authority on the certificate 
must be verified (See Schneier Pages 185 - 186 Section Entitled "Public-key Certificates", 
Especially page 186 Lines 1-8). 

It would have been obvious to the ordinary person skilled in the art at the time of 
invention to employ the teachings of Schneier in the certificate authentication of Elgamal by 
checking to make sure the signature on the certificate was the signature of a trusted certification 
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authority. This would have been obvious because the ordinary person skilled in the art would 
have been motivated to ensure that the public key in the certificate was the public key of the 
remote party in order to protect against substitution man-in-the-middle attacks. 



Conclusion 

26. Claims 1-20 have been rejected. 

27. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

a. Richard et al. (US Patent Number 5,922,074) disclosed a system for establishing a 
secure connection between two remote systems in which a certificate is only verified 
depending on a database that determines if the certificate owner is trusted or not. 

28. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Matthew T Henning whose telephone number is (571) 272-3790. 
The examiner can normally be reached on M-F 8-4. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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